Category: Linux software

How to Install and Configure WireGuard VPN on Debian 12 and Linux Mint

WireGuard is a modern, fast, and secure VPN protocol that is easy to set up. In this guide, we will show you how to install and configure a WireGuard server on a Debian 12 VPS and connect to it from a Linux Mint client.

Step 1: Update Your Debian Server

First, ensure your server packages are up-to-date:

sudo apt update && sudo apt upgrade -y

Step 2: Install WireGuard on Debian

sudo apt install wireguard -y
modprobe wireguard

Step 3: Generate Server Keys

wg genkey | tee /etc/wireguard/server_private.key | wg pubkey > /etc/wireguard/server_public.key

Step 4: Configure WireGuard Server

Create the server configuration file /etc/wireguard/wg0.conf:

[Interface]
Address = 10.8.0.1/24
ListenPort = 51820
PrivateKey = <SERVER_PRIVATE_KEY>
SaveConfig = false

# Client 1 example
#[Peer]
#PublicKey = <CLIENT1_PUBLIC_KEY>
#AllowedIPs = 10.8.0.2/32

Replace <SERVER_PRIVATE_KEY> with the contents of /etc/wireguard/server_private.key.

Step 5: Enable IP Forwarding

echo "net.ipv4.ip_forward=1" | sudo tee -a /etc/sysctl.conf
sudo sysctl -p

Step 6: Configure NAT

sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
sudo apt install iptables-persistent -y
sudo netfilter-persistent save

Step 7: Start WireGuard Server

sudo systemctl enable wg-quick@wg0
sudo systemctl start wg-quick@wg0
sudo wg

Step 8: Install WireGuard on Linux Mint Client

sudo apt update
sudo apt install wireguard -y
wg --version

Step 9: Generate Client Keys

wg genkey | tee client_private.key | wg pubkey > client_public.key

Step 10: Add Client to Server

Edit /etc/wireguard/wg0.conf on the server:

[Peer]
PublicKey = <CLIENT_PUBLIC_KEY>
AllowedIPs = 10.8.0.2/32

Replace <CLIENT_PUBLIC_KEY> with the contents of client_public.key from the Linux Mint client.

Step 11: Create Client Configuration

Create /etc/wireguard/wg0.conf on Linux Mint:

[Interface]
PrivateKey = <CLIENT_PRIVATE_KEY>
Address = 10.8.0.2/32
DNS = 1.1.1.1

[Peer]
PublicKey = <SERVER_PUBLIC_KEY>
Endpoint = <SERVER_PUBLIC_IP>:51820
AllowedIPs = 0.0.0.0/0
PersistentKeepalive = 25

Step 12: Start WireGuard Client

sudo wg-quick up wg0

To stop the client:

sudo wg-quick down wg0

Step 13: Automatic Start (Optional)

sudo systemctl enable wg-quick@wg0

Step 14: Verify Connection

sudo wg
ip a

Now your Linux Mint client should be connected securely to the WireGuard server on Debian 12.

Note: Make sure to replace all placeholders like <SERVER_PRIVATE_KEY>, <CLIENT_PRIVATE_KEY>, <CLIENT_PUBLIC_KEY>, and <SERVER_PUBLIC_IP> with the real values from your setup.

Install Bitwarden to your server

Bitwarden is an open-source password manager that helps you store, manage, and share your login credentials securely. You can use it personally or as a team/organization.

To install Bitwarden on your server use next steps:

1. Update your server

sudo apt update && sudo apt upgrade -y

2. Install Docker + Docker Compose

sudo apt install docker.io docker-compose -y
sudo systemctl enable --now docker

3. Add your current user to docker group

sudo usermod -aG docker $USER

4. Go to Bitwarden Github repository: https://github.com/bitwarden/server and copy and run installation commands on your server:

curl -s -L -o bitwarden.sh \
    "https://func.bitwarden.com/api/dl/?app=self-host&platform=linux" \
    && chmod +x bitwarden.sh
./bitwarden.sh install
./bitwarden.sh start

Ventoy – open source tool to create bootable USB drives

Ventoy is an open source tool to create a bootable USB drive for ISO/WIM/IMG/VHD(x)/EFI files.

With ventoy, you don’t need to format the drive again and again, you just need to copy the ISO/WIM/IMG/VHD(x)/EFI files to a USB flash drive and load them directly.

You can copy many files at the same time, and ventoy will give you a boot menu to select them.

Official WebSite: https://www.ventoy.net/en/index.html

Cockpit – Web GUI for Your Linux Servers

Cockpit gives you a GUI for your server, which can be accessed via a web browser. Cockpit makes it easy to start containers, administer storage, configure networks, inspect logs, and perform system tasks with a mouse.

You can think of Cockpit like a graphical “desktop interface”, but for individual servers.

To install Cockpit on Debian / Ubuntu use command:

sudo apt install cockpit

Default Cockpit web port is 9090, don’t forget to allow access to this port in your firewall.

With Cockpit you can easy get access to server terminal from your Web-browser:

Touchégg

Touchégg is an app that runs in the background and transform the gestures you make on your touchpad or touchscreen into visible actions in your desktop.

For example, you can swipe up with 3 fingers to maximize a window or swipe left with 4 finger to switch to the next desktop.

Many more actions and gestures are available and everything is easily configurable.

Download and install program you can on official Git repository: https://github.com/JoseExposito/touchegg